Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Introduction to Linux - A Hands on Guide

This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.

I want to make a crontab that connects via ssh to a host with login and password that I desire, could you please help ?

Adnan,

There are two ways to do what you want. One involves a stored password, and one does not. Both are non-interactive, meaning that they can work when you're not there to enter a password.

First Method
The way that does not require a password. You can use public/private key authentication instead of passwords with SSH. I'm going to assume that you're using OpenSSH, which comes with practically every Linux distribution that there is.

Configure your SSH server to accept private key logins. In /etc/ssh/sshd_config make sure that there's a line that says PubkeyAuthentication yes (and that there is no # infront of it). If you change this file, you need to restart the sshd service. If you're not sure, stop and ask somebody here before you break it.

On your local machine (not the server), create yourself a pair of keys with ssh-keygen -t rsa (you can use other options than rsa, but I'm keeping it simple). Do not specify a password. Save the keys in the locations prompted.

Open the contents of the id_rsa.pub file that you just created (it's one very long line of text), and copy the contents into the end of the file $HOME/.ssh/authorized_keys on the server machine. Create the file if it doesn't exist.

Now you should be able to ssh user@remote.host without a password. If that works, you can use it in scripts, etc. Because you have a private key with no password to protect it, it's important that you make sure that nobody gets their grubby hands on your id_rsa file. They can have the id_rsa.pub file (it's public, you see) but the other one's your precious.

If you think somebody has a copy of your id_rsa file, you can delete the line that you added to authorized_keys on the server, to disable that key.

Second method
If you thought that was complicated, you wait till you've tried to get this one working. The basic idea is to use expect, which is an administration automation tool, to type your password in to ssh when prompted. It might not always work, and when it doesn't, it's hard to figure out why not. I recommend the first method.

Anyway, here's a command that you can poke at until it does what you want:

Expect might not be installed on your system. That's the first hurdle, although most distributions have it easily available. You need to modify user@remote.host to your remote username and hostname. You need ot make sure that ssh prompts for a password using the letters "assword"; if not, that needs changing to something that does appear. You need to change "passphrase" to whatever the password is.

Problem here is doing the scripting. You can either have expect type in further commands, or you can list them as a parameter to ssh in that spawn command (just before the semicolon ; ). It might never work properly for you; again, I recommend the first method.

If the authorized_keys or authorized_keys2 file has the incorrect permissions it will not authenticate with your ssh-rsa key but instead still require a password. If you are having trouble configuring SSH keys you should check the /var/log/secure file to see if there is an error displaying in that log. You may see the error displayed below.

If you see this error it means that the authorized_keys or authorized_keys2 file has the incorrect ownership or permissions. Make sure that the authorized_keys file is owned by the user that will be logged into and the permissions are 600. So if the username is backup you would want the file to look like the below when issuing the “ls -alh” command.